package it.unibz.ti2.internetPizzeria.filters;

import it.unibz.ti2.internetPizzeria.utils.ServletUtil;
import it.unibz.ti2.internetPizzeria.webAttributes.UserInfo;

import java.io.IOException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Class reponsible for checking user permissions to webpage
 */
public class AuthorizationFilter implements Filter{

	private List<String> customerPages = null;
	private List<String> employeePages = null;
	private List<String> managerPages = null;
	private Set<String> allPagesRequiringUser = null;
	
	public void destroy() {
		
	}

	/**
	 * Checks if a page requires user to be authenticates and if user is allowed to access this page. If not redirects to login page.
	 */
	public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2) throws IOException, ServletException {
		if (arg0 instanceof HttpServletRequest) {
					
			HttpServletRequest request = (HttpServletRequest) arg0;
			String path = request.getServletPath();
			UserInfo userInfo = (UserInfo)request.getSession().getAttribute("userInfo");
			if (allPagesRequiringUser.contains(path)){
				if (userInfo == null){
					this.redirectToLoginPage(arg0, arg1);
				}
				else{
					if (userInfo.getUserType().equals("Customer")) {
						if (customerPages.contains(path)){
							arg2.doFilter(arg0, arg1);
						}
						else {
							this.redirectToLoginPage(arg0, arg1);
						}
					} else if (userInfo.getUserType().equals("Employee")) {
						if (employeePages.contains(path)){
							arg2.doFilter(arg0, arg1);
						}
						else {
							this.redirectToLoginPage(arg0, arg1);
						}
					} else if (userInfo.getUserType().equals("Manager")) {
						if (managerPages.contains(path)){
							arg2.doFilter(arg0, arg1);
						}
						else {
							this.redirectToLoginPage(arg0, arg1);
						}
					} 
				}
			}
						
			else {
				arg2.doFilter(arg0, arg1);
			}
		}
	}
	
	private void redirectToLoginPage(ServletRequest request, ServletResponse response) throws ServletException, IOException{
		ServletUtil.redirect((HttpServletRequest)request, (HttpServletResponse)response, "login.jsp");
	}

	/**
	 * Reads permissions configuration from init parameters 
	 */
	public void init(FilterConfig arg0) throws ServletException {
		customerPages = new ArrayList<String>();
		employeePages = new ArrayList<String>();
		managerPages = new ArrayList<String>();
		allPagesRequiringUser = new HashSet<String>();
		
		for (String page : arg0.getInitParameter("CustomerPages").split("\\s")) {
			customerPages.add(page);
			allPagesRequiringUser.add(page);
		}

		for (String page : arg0.getInitParameter("EmployeePages").split("\\s")) {
			employeePages.add(page);
			allPagesRequiringUser.add(page);
		}
		
		for (String page : arg0.getInitParameter("ManagerPages").split("\\s")) {
			managerPages.add(page);
			allPagesRequiringUser.add(page);
		}
	}

}
